在Shell 脚本里嵌入Python
[shell] #!/bin/bash function pytest() { python - $@ <<EOT import sys,datetime print ‘Current Time is %s’ % datetime.datetime.now() print sys.argv EOT } RT=$(pytest $@) echo my python script says: $RT [/shell]
Snmp via Python [IF-MIB]
依赖 pysnmp pysnmp-mibs [python] # -- coding: utf-8 -- ‘’’ Created on 14/11/20. @author: seven ‘’’ from pysnmp.entity.rfc3413.oneliner import cmdgen cmdGen = cmdgen.CommandGenerator() errorIndication, errorStatus, errorIndex, varBindTable = cmdGen.nextCmd( cmdgen.CommunityData(‘community_str’), cmdgen.UdpTransportTarget((‘211.xx.169.xx’, 161)), cmdgen.MibVariable(‘IF-MIB’, ‘ifNumber’), cmdgen.MibVariable(‘IF-MIB’, ‘ifDescr’), cmdgen.MibVariable(‘IF-MIB’, ‘ifType’), cmdgen.MibVariable(‘IF-MIB’, ‘ifMtu’), cmdgen.MibVariable(‘IF-MIB’, ‘ifSpeed’), cmdgen.MibVariable(‘IF-MIB’, ‘ifPhysAddress’), lookupValues=True ) if errorIndication: print(errorIndication) else: if errorStatus: print(‘%s at %s’ % ( errorStatus.prettyPrint(), errorIndex and varBindTable[-1][int(errorIndex) - 1] or ‘?’ ) ) else: for varBindTableRow in varBindTable: for name, val in varBindTableRow: print(‘%s = %s’ % (name.prettyPrint(), val.prettyPrint())) [/python]
Airmail 2 造成Mac Book Pro 极其卡的原因
之前一直找不到原因,分析了cpu 和内存 都不是瓶颈。 突然发现 偏好设置》高级 里有一项 高级图形卡 被我启用了 我这笔记本是集显啊~ 于是关闭此选项后重启 Airmail 2. 果然!不卡了:D
Elasticsearch_river 配置
1. install es-river plugin /usr/share/elasticsearch/bin/plugin -install elasticsearch/elasticsearch-river-rabbitmq/2.0.0 2. install rabbitmq 2.1 add epel repo rpm --import https://fedoraproject.org/static/0608B895.txt wget http://mirrors.yun-idc.com/epel/6/i386/epel-release-6-8.noarch.rpm rpm -i epel-release-6-8.noarch.rpm 2.2 install erlang yum -y install erlang 2.3 install rabbitmq wget http://www.rabbitmq.com/releases/rabbitmq-server/v3.3.4/rabbitmq-server-3.3.4-1.noarch.rpm rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc yum -y install rabbitmq-server-3.3.4-1.noarch.rpm 2.4 start rabbitmq /etc/init.d/rabbitmq-server start 3 logstash conf … output{ elasticsearch_river { es_host => “localhost” index => “rt-%{+dd.HH.mm.ss}” rabbitmq_host => “localhost” workers => 8 } } … 4. restart elasticsearch 5. restart logstash
D3 时间格式
%a - abbreviated weekday name. %A - full weekday name. %b - abbreviated month name. %B - full month name. %c - date and time, as “%a %b %e %H:%M:%S %Y”. %d - zero-padded day of the month as a decimal number [01,31]. %e - space-padded day of the month as a decimal number [ 1,31]; equivalent to %_d. %H - hour (24-hour clock) as a decimal number [00,23]. %I - hour (12-hour clock) as a decimal number [01,12]. %j - day of the year as a decimal number [001,366]. %m - month as a decimal number [01,12]. %M - minute as a decimal number [00,59]. %L - milliseconds as a decimal number [000, 999]. %p - either AM or PM. %S - second as a decimal number [00,61]. %U - week number of the year (Sunday as the first day of the week) as a decimal number [00,53]. %w - weekday as a decimal number [0(Sunday),6]. %W - week number of the year (Monday as the first day of the week) as a decimal number [00,53]. %x - date, as “%m/%d/%Y”. %X - time, as “%H:%M:%S”. %y - year without century as a decimal number [00,99]. %Y - year with century as a decimal number. %Z - time zone offset, such as “-0700”. %% - a literal “%” character.
Tz
Standard Offset
Canonical ID
Aliases
-12:00
Etc/GMT+12
-11:00
Etc/GMT+11
-11:00
Pacific/Apia
-11:00
Pacific/Midway
-11:00
Pacific/Niue
-11:00
Pacific/Pago_Pago
Pacific/Samoa, US/Samoa
-10:00
America/Adak
America/Atka, US/Aleutian
-10:00
Etc/GMT+10
-10:00
HST
-10:00
Pacific/Fakaofo
-10:00
Pacific/Honolulu
US/Hawaii
-10:00
Pacific/Johnston
-10:00
Pacific/Rarotonga
-10:00
Pacific/Tahiti
-09:30
Pacific/Marquesas
-09:00
America/Anchorage
US/Alaska
-09:00
America/Juneau
-09:00
America/Nome
-09:00
America/Yakutat
-09:00
Etc/GMT+9
-09:00
Pacific/Gambier
-08:00
America/Dawson
-08:00
America/Los_Angeles
US/Pacific, US/Pacific-New
-08:00
America/Santa_Isabel
-08:00
America/Tijuana
America/Ensenada, Mexico/BajaNorte
-08:00
America/Vancouver
Canada/Pacific
-08:00
America/Whitehorse
Canada/Yukon
-08:00
Etc/GMT+8
-08:00
PST8PDT
-08:00
Pacific/Pitcairn
-07:00
America/Boise
-07:00
America/Cambridge_Bay
-07:00
America/Chihuahua
-07:00
America/Dawson_Creek
-07:00
America/Denver
America/Shiprock, Navajo, US/Mountain
-07:00
America/Edmonton
Canada/Mountain
-07:00
America/Hermosillo
-07:00
America/Inuvik
-07:00
America/Mazatlan
Mexico/BajaSur
-07:00
America/Ojinaga
-07:00
America/Phoenix
US/Arizona
-07:00
America/Yellowknife
-07:00
Etc/GMT+7
-07:00
MST
-07:00
MST7MDT
-06:00
America/Bahia_Banderas
-06:00
America/Belize
-06:00
America/Cancun
-06:00
America/Chicago
US/Central
-06:00
America/Costa_Rica
-06:00
America/El_Salvador
-06:00
America/Guatemala
-06:00
America/Indiana/Knox
America/Knox_IN, US/Indiana-Starke
-06:00
America/Indiana/Tell_City
-06:00
America/Managua
-06:00
America/Matamoros
-06:00
America/Menominee
-06:00
America/Merida
-06:00
America/Mexico_City
Mexico/General
-06:00
America/Monterrey
-06:00
America/North_Dakota/Center
-06:00
America/North_Dakota/New_Salem
-06:00
America/Rainy_River
-06:00
America/Rankin_Inlet
-06:00
America/Regina
Canada/East-Saskatchewan, Canada/Saskatchewan
-06:00
America/Swift_Current
-06:00
America/Tegucigalpa
-06:00
America/Winnipeg
Canada/Central
-06:00
CST6CDT
-06:00
Etc/GMT+6
-06:00
Pacific/Easter
Chile/EasterIsland
-06:00
Pacific/Galapagos
-05:00
America/Atikokan
America/Coral_Harbour
-05:00
America/Bogota
-05:00
America/Cayman
-05:00
America/Detroit
US/Michigan
-05:00
America/Grand_Turk
-05:00
America/Guayaquil
-05:00
America/Havana
Cuba
-05:00
America/Indiana/Indianapolis
America/Fort_Wayne, America/Indianapolis, US/East-Indiana
-05:00
America/Indiana/Marengo
-05:00
America/Indiana/Petersburg
-05:00
America/Indiana/Vevay
-05:00
America/Indiana/Vincennes
-05:00
America/Indiana/Winamac
-05:00
America/Iqaluit
-05:00
America/Jamaica
Jamaica
-05:00
America/Kentucky/Louisville
America/Louisville
-05:00
America/Kentucky/Monticello
-05:00
America/Lima
-05:00
America/Montreal
-05:00
America/Nassau
-05:00
America/New_York
US/Eastern
-05:00
America/Nipigon
-05:00
America/Panama
-05:00
America/Pangnirtung
-05:00
America/Port-au-Prince
-05:00
America/Resolute
-05:00
America/Thunder_Bay
-05:00
America/Toronto
Canada/Eastern
-05:00
EST
-05:00
EST5EDT
-05:00
Etc/GMT+5
-04:30
America/Caracas
-04:00
America/Anguilla
-04:00
America/Antigua
-03:00
America/Argentina/San_Luis
-04:00
America/Aruba
-04:00
America/Asuncion
-04:00
America/Barbados
-04:00
America/Blanc-Sablon
-04:00
America/Boa_Vista
-04:00
America/Campo_Grande
-04:00
America/Cuiaba
-04:00
America/Curacao
-04:00
America/Dominica
-04:00
America/Eirunepe
-04:00
America/Glace_Bay
-04:00
America/Goose_Bay
-04:00
America/Grenada
-04:00
America/Guadeloupe
America/Marigot, America/St_Barthelemy
-04:00
America/Guyana
-04:00
America/Halifax
Canada/Atlantic
-04:00
America/La_Paz
-04:00
America/Manaus
Brazil/West
-04:00
America/Martinique
-04:00
America/Moncton
-04:00
America/Montserrat
-04:00
America/Port_of_Spain
-04:00
America/Porto_Velho
-04:00
America/Puerto_Rico
-04:00
America/Rio_Branco
America/Porto_Acre, Brazil/Acre
-04:00
America/Santiago
Chile/Continental
-04:00
America/Santo_Domingo
-04:00
America/St_Kitts
-04:00
America/St_Lucia
-04:00
America/St_Thomas
America/Virgin
-04:00
America/St_Vincent
-04:00
America/Thule
-04:00
America/Tortola
-04:00
Antarctica/Palmer
-04:00
Atlantic/Bermuda
-04:00
Atlantic/Stanley
-04:00
Etc/GMT+4
-03:30
America/St_Johns
Canada/Newfoundland
-03:00
America/Araguaina
-03:00
America/Argentina/Buenos_Aires
America/Buenos_Aires
-03:00
America/Argentina/Catamarca
America/Argentina/ComodRivadavia, America/Catamarca
-03:00
America/Argentina/Cordoba
America/Cordoba, America/Rosario
-03:00
America/Argentina/Jujuy
America/Jujuy
-03:00
America/Argentina/La_Rioja
-03:00
America/Argentina/Mendoza
America/Mendoza
-03:00
America/Argentina/Rio_Gallegos
-03:00
America/Argentina/Salta
-03:00
America/Argentina/San_Juan
-03:00
America/Argentina/Tucuman
-03:00
America/Argentina/Ushuaia
-03:00
America/Bahia
-03:00
America/Belem
-03:00
America/Cayenne
-03:00
America/Fortaleza
-03:00
America/Godthab
-03:00
America/Maceio
-03:00
America/Miquelon
-03:00
America/Montevideo
-03:00
America/Paramaribo
-03:00
America/Recife
-03:00
America/Santarem
-03:00
America/Sao_Paulo
Brazil/East
-03:00
Antarctica/Rothera
-03:00
Etc/GMT+3
-02:00
America/Noronha
Brazil/DeNoronha
-02:00
Atlantic/South_Georgia
-02:00
Etc/GMT+2
-01:00
America/Scoresbysund
-01:00
Atlantic/Azores
-01:00
Atlantic/Cape_Verde
-01:00
Etc/GMT+1
+00:00
Africa/Abidjan
+00:00
Africa/Accra
+00:00
Africa/Bamako
Africa/Timbuktu
+00:00
Africa/Banjul
+00:00
Africa/Bissau
+00:00
Africa/Casablanca
+00:00
Africa/Conakry
+00:00
Africa/Dakar
+00:00
Africa/El_Aaiun
+00:00
Africa/Freetown
+00:00
Africa/Lome
+00:00
Africa/Monrovia
+00:00
Africa/Nouakchott
+00:00
Africa/Ouagadougou
+00:00
Africa/Sao_Tome
+00:00
America/Danmarkshavn
+00:00
Atlantic/Canary
+00:00
Atlantic/Faroe
Atlantic/Faeroe
+00:00
Atlantic/Madeira
+00:00
Atlantic/Reykjavik
Iceland
+00:00
Atlantic/St_Helena
+00:00
Etc/GMT
Etc/GMT+0, Etc/GMT-0, Etc/GMT0, Etc/Greenwich, GMT, GMT+0, GMT-0, GMT0, Greenwich
+00:00
Etc/UCT
UCT
+00:00
Etc/UTC
Etc/Universal, Etc/Zulu, Universal, Zulu
+00:00
Europe/Dublin
Eire
+00:00
Europe/Lisbon
Portugal
+00:00
Europe/London
Europe/Belfast, Europe/Guernsey, Europe/Isle_of_Man, Europe/Jersey, GB, GB-Eire
+00:00
UTC
+00:00
WET
+01:00
Africa/Algiers
+01:00
Africa/Bangui
+01:00
Africa/Brazzaville
+01:00
Africa/Ceuta
+01:00
Africa/Douala
+01:00
Africa/Kinshasa
+01:00
Africa/Lagos
+01:00
Africa/Libreville
+01:00
Africa/Luanda
+01:00
Africa/Malabo
+01:00
Africa/Ndjamena
+01:00
Africa/Niamey
+01:00
Africa/Porto-Novo
+01:00
Africa/Tunis
+01:00
Africa/Windhoek
+01:00
CET
+01:00
Etc/GMT-1
+01:00
Europe/Amsterdam
+01:00
Europe/Andorra
+01:00
Europe/Belgrade
Europe/Ljubljana, Europe/Podgorica, Europe/Sarajevo, Europe/Skopje, Europe/Zagreb
+01:00
Europe/Berlin
+01:00
Europe/Brussels
+01:00
Europe/Budapest
+01:00
Europe/Copenhagen
+01:00
Europe/Gibraltar
+01:00
Europe/Luxembourg
+01:00
Europe/Madrid
+01:00
Europe/Malta
+01:00
Europe/Monaco
+01:00
Europe/Oslo
Arctic/Longyearbyen, Atlantic/Jan_Mayen
+01:00
Europe/Paris
+01:00
Europe/Prague
Europe/Bratislava
+01:00
Europe/Rome
Europe/San_Marino, Europe/Vatican
+01:00
Europe/Stockholm
+01:00
Europe/Tirane
+01:00
Europe/Vaduz
+01:00
Europe/Vienna
+01:00
Europe/Warsaw
Poland
+01:00
Europe/Zurich
+01:00
MET
+02:00
Africa/Blantyre
+02:00
Africa/Bujumbura
+02:00
Africa/Cairo
Egypt
+02:00
Africa/Gaborone
+02:00
Africa/Harare
+02:00
Africa/Johannesburg
+02:00
Africa/Kigali
+02:00
Africa/Lubumbashi
+02:00
Africa/Lusaka
+02:00
Africa/Maputo
+02:00
Africa/Maseru
+02:00
Africa/Mbabane
+02:00
Africa/Tripoli
Libya
+02:00
Asia/Amman
+02:00
Asia/Beirut
+02:00
Asia/Damascus
+02:00
Asia/Gaza
+02:00
Asia/Jerusalem
Asia/Tel_Aviv, Israel
+02:00
Asia/Nicosia
Europe/Nicosia
+02:00
EET
+02:00
Etc/GMT-2
+02:00
Europe/Athens
+02:00
Europe/Bucharest
+02:00
Europe/Chisinau
Europe/Tiraspol
+02:00
Europe/Helsinki
Europe/Mariehamn
+02:00
Europe/Istanbul
Asia/Istanbul, Turkey
+02:00
Europe/Kaliningrad
+02:00
Europe/Kiev
+02:00
Europe/Minsk
+02:00
Europe/Riga
+02:00
Europe/Simferopol
+02:00
Europe/Sofia
+02:00
Europe/Tallinn
+02:00
Europe/Uzhgorod
+02:00
Europe/Vilnius
+02:00
Europe/Zaporozhye
+03:00
Africa/Addis_Ababa
+03:00
Africa/Asmara
Africa/Asmera
+03:00
Africa/Dar_es_Salaam
+03:00
Africa/Djibouti
+03:00
Africa/Kampala
+03:00
Africa/Khartoum
+03:00
Africa/Mogadishu
+03:00
Africa/Nairobi
+03:00
Antarctica/Syowa
+03:00
Asia/Aden
+03:00
Asia/Baghdad
+03:00
Asia/Bahrain
+03:00
Asia/Kuwait
+03:00
Asia/Qatar
+03:00
Asia/Riyadh
+03:00
Etc/GMT-3
+03:00
Europe/Moscow
W-SU
+03:00
Europe/Samara
+03:00
Europe/Volgograd
+03:00
Indian/Antananarivo
+03:00
Indian/Comoro
+03:00
Indian/Mayotte
+03:30
Asia/Tehran
Iran
+04:00
Asia/Baku
+04:00
Asia/Dubai
+04:00
Asia/Muscat
+04:00
Asia/Tbilisi
+04:00
Asia/Yerevan
+04:00
Etc/GMT-4
+04:00
Indian/Mahe
+04:00
Indian/Mauritius
+04:00
Indian/Reunion
+04:30
Asia/Kabul
+05:00
Antarctica/Mawson
+05:00
Asia/Aqtau
+05:00
Asia/Aqtobe
+05:00
Asia/Ashgabat
Asia/Ashkhabad
+05:00
Asia/Dushanbe
+05:00
Asia/Karachi
+05:00
Asia/Oral
+05:00
Asia/Samarkand
+05:00
Asia/Tashkent
+05:00
Asia/Yekaterinburg
+05:00
Etc/GMT-5
+05:00
Indian/Kerguelen
+05:00
Indian/Maldives
+05:30
Asia/Colombo
+05:30
Asia/Kolkata
Asia/Calcutta
+05:45
Asia/Kathmandu
Asia/Katmandu
+06:00
Antarctica/Vostok
+06:00
Asia/Almaty
+06:00
Asia/Bishkek
+06:00
Asia/Dhaka
Asia/Dacca
+06:00
Asia/Novokuznetsk
+06:00
Asia/Novosibirsk
+06:00
Asia/Omsk
+06:00
Asia/Qyzylorda
+06:00
Asia/Thimphu
Asia/Thimbu
+06:00
Etc/GMT-6
+06:00
Indian/Chagos
+06:30
Asia/Rangoon
+06:30
Indian/Cocos
+07:00
Antarctica/Davis
+07:00
Asia/Bangkok
+07:00
Asia/Ho_Chi_Minh
Asia/Saigon
+07:00
Asia/Hovd
+07:00
Asia/Jakarta
+07:00
Asia/Krasnoyarsk
+07:00
Asia/Phnom_Penh
+07:00
Asia/Pontianak
+07:00
Asia/Vientiane
+07:00
Etc/GMT-7
+07:00
Indian/Christmas
+08:00
Antarctica/Casey
+08:00
Asia/Brunei
+08:00
Asia/Choibalsan
+08:00
Asia/Chongqing
Asia/Chungking
+08:00
Asia/Harbin
+08:00
Asia/Hong_Kong
Hongkong
+08:00
Asia/Irkutsk
+08:00
Asia/Kashgar
+08:00
Asia/Kuala_Lumpur
+08:00
Asia/Kuching
+08:00
Asia/Macau
Asia/Macao
+08:00
Asia/Makassar
Asia/Ujung_Pandang
+08:00
Asia/Manila
+08:00
Asia/Shanghai
PRC
+08:00
Asia/Singapore
Singapore
+08:00
Asia/Taipei
ROC
+08:00
Asia/Ulaanbaatar
Asia/Ulan_Bator
+08:00
Asia/Urumqi
+08:00
Australia/Perth
Australia/West
+08:00
Etc/GMT-8
+08:45
Australia/Eucla
+09:00
Asia/Dili
+09:00
Asia/Jayapura
+09:00
Asia/Pyongyang
+09:00
Asia/Seoul
ROK
+09:00
Asia/Tokyo
Japan
+09:00
Asia/Yakutsk
+09:00
Etc/GMT-9
+09:00
Pacific/Palau
+09:30
Australia/Adelaide
Australia/South
+09:30
Australia/Broken_Hill
Australia/Yancowinna
+09:30
Australia/Darwin
Australia/North
+10:00
Antarctica/DumontDUrville
+10:00
Asia/Sakhalin
+10:00
Asia/Vladivostok
+10:00
Australia/Brisbane
Australia/Queensland
+10:00
Australia/Currie
+10:00
Australia/Hobart
Australia/Tasmania
+10:00
Australia/Lindeman
+10:00
Australia/Melbourne
Australia/Victoria
+10:00
Australia/Sydney
Australia/ACT, Australia/Canberra, Australia/NSW
+10:00
Etc/GMT-10
+10:00
Pacific/Chuuk
Pacific/Truk, Pacific/Yap
+10:00
Pacific/Guam
+10:00
Pacific/Port_Moresby
+10:00
Pacific/Saipan
+10:30
Australia/Lord_Howe
Australia/LHI
+11:00
Antarctica/Macquarie
+11:00
Asia/Anadyr
+11:00
Asia/Kamchatka
+11:00
Asia/Magadan
+11:00
Etc/GMT-11
+11:00
Pacific/Efate
+11:00
Pacific/Guadalcanal
+11:00
Pacific/Kosrae
+11:00
Pacific/Noumea
+11:00
Pacific/Pohnpei
Pacific/Ponape
+11:30
Pacific/Norfolk
+12:00
Antarctica/McMurdo
Antarctica/South_Pole
+12:00
Etc/GMT-12
+12:00
Pacific/Auckland
NZ
+12:00
Pacific/Fiji
+12:00
Pacific/Funafuti
+12:00
Pacific/Kwajalein
Kwajalein
+12:00
Pacific/Majuro
+12:00
Pacific/Nauru
+12:00
Pacific/Tarawa
+12:00
Pacific/Wake
+12:00
Pacific/Wallis
+12:45
Pacific/Chatham
NZ-CHAT
+13:00
Etc/GMT-13
+13:00
Pacific/Enderbury
+13:00
Pacific/Tongatapu
+14:00
Etc/GMT-14
+14:00
Pacific/Kiritimati
使用 Elasticsearch+logstash 存储获取实时日志【Cdn Realtime Analytics】
安装的我就不写了。 主要说下方案 nginx 实时吐日志给syslog-ng via pipe syslog-ng 向logstash 推送日志 via internet udp logstash 把日志塞进elasticsearch 并index 发送方: nginx.conf [bash] # … log_format real_time ‘- $time_iso8601 $host $request_time $status $bytes_sent’; server { listen 80; server_name my_test_rt; access_log /dev/realtime.pipe real_time; location /{ proxy_pass http://backend.com; } } # … [/bash] syslog-ng.conf [bash] source s_pipe { pipe(“/dev/realtime.pipe”); }; destination d_udp { udp(“127.0.0.1” port(9999) template (“$MSG\n”) ); }; log {source(s_pipe); destination(d_udp); }; [/bash] [bash] #创建一个管道: makefifo /dev/realtime.pipe #先启动syslog-ng #不然nginx启动时会卡住 service syslog-ng start service nginx start [/bash] 接收方: /etc/logstash/conf.d/rt.conf [bash] input { udp { port =>9999 } } filter { grok { pattern => [“%{TIMESTAMP_ISO8601:timestamp} %{IPORHOST:host} %{IPORHOST:domain} %{NUMBER:request_time} %{NUMBER:status} %{NUMBER:bytes_sent}” ] } mutate { remove_field => [ “message”, “@version” ] } } output { elasticsearch { host => “127.0.0.1” flush_size => 1 index => “rt-%{+YYYY.MM.dd.HH.mm}” } } [/bash] 把logstash 和 elasticsearch 都启动 。整个体系就运转起来了
Elasticsearch+logstash+kibana 初探
花了一点时间搭了个初步的测试环境,分析的apache日志。 鉴于网络上的资料都比较过时了,所以在这里log一下。 测试环境 centos6.3 64bit
安装:
- elasticsearch [goto]
1 | # Download and install the Public Signing Key |
- logstash [goto]
1 | # Add the key |
- kibana [download]
这个不用安装,解压然后放在httpd服务的目录里可以直接用是个纯html5应用(就是个网站),而且装在本机不需要配置,如果elasticsearch不在本机请编辑目录下的config.js指定url
/********************************************************/
配置: elasticsearch 不需要配置,直接run起 /etc/init.d/elasticsearch start P.S. 这个软件很奇葩,默认装的路径在 /usr/share 下。 logstash 配置文件默认是没有的,配置目录在 /etc/logstash/conf.d/ 比如我在此目录下创建了一个配置文件
1 | # /etc/logstash/conf.d/seven.conf input |
解释一下,input 这里设置的apache日志格式是个json格式,这就意味着apache的日志要进行改造,这个方式比用redis,grok等方案更简单,apache的配置见后文。 重点注意:
1 | # /etc/init.d/logstash |
kibana 这个也不用配置,直接可以跑
- apache [goto]
1 | # Create a log format called 'logstash\_json' that emits, in json, the parts of an http |
提供的cookbook[goto]里还有让apache同时支持传统raw data和json日志的方法,我没试过。 
Vsftpd出现 500 OOPS: Cannot Change Directory 的解决办法
我是用了虚拟用户的方案,出现这个问题是因为SElinux 没有关闭。 关闭: [bash] $ setenforce 0 [/bash]